/**
 * Copyright (c) iwindplus Technologies Co., Ltd.2024-2030, All rights reserved.
 */

package com.iwindplus.auth.server.extension;

import com.iwindplus.auth.domain.constant.AuthConstant;
import java.util.Collections;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import lombok.EqualsAndHashCode;
import lombok.Getter;
import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationGrantAuthenticationToken;

/**
 * 第三方绑定授权模式身份验证令牌(包含code)
 *
 * @author zengdegui
 * @since 2024/05/22
 */
@Getter
@EqualsAndHashCode(callSuper = false)
public class BindCodeAuthenticationToken extends OAuth2AuthorizationGrantAuthenticationToken {

    /**
     * 编码.
     */
    private final String code;

    /**
     * 令牌申请访问范围.
     */
    private final Set<String> scopes;

    /**
     * 第三方绑定授权模式身份验证令牌.
     *
     * @param clientPrincipal      客户端信息
     * @param additionalParameters 自定义额外参数
     * @param scopes               令牌申请访问范围
     * @param code                 编码
     */
    protected BindCodeAuthenticationToken(
        Authentication clientPrincipal,
        Map<String, Object> additionalParameters,
        Set<String> scopes,
        String code) {
        super(AuthConstant.GrantTypeBindCodeConstant.BIND_CODE, clientPrincipal, additionalParameters);
        this.scopes = Collections.unmodifiableSet(scopes != null ? new HashSet<>(scopes) : Collections.emptySet());
        this.code = code;
    }
}
